Larry Wilson, former UMass Chief Information Security Officer, has developed and delivered training classes on the NIST Cybersecurity Framework for InfraGard, Secureworld, UMass, New Horizon’s, etc. In addition, Larry has helped many organizations across industry sectors design and build a standards-based cybersecurity program based on the NIST Cybersecurity Framework.
The risks that come with cybersecurity can be overwhelming. Building out a robust cybersecurity program is complex for any organization, regardless of size. By adopting the NIST Cybersecurity Framework, organizations will realize many benefits including:
• Standards based framework for measuring risks and improve security
• Calls for senior management and Board understanding of cyber risk
• Currently voluntary, but likely the de-facto standard in event of a breach
• Common language, not “government speak”
• Maps to COBIT, ISO, NIST SP800-53, NIST 800-171, CIS Controls, HIPAA Security Rule, PCI-DSS, etc.
• Includes steps for “Establishing or Improving a Cybersecurity Program”
• Framework, not a risk management Process or maturity model
The seminar will discuss how to apply the process based NIST Risk Management Framework and capabilities based NIST Cybersecurity Framework to an organization’s critical IT assets and information resources. Cybersecurity roles and deliverables are analyzed from four different perspectives (leadership, risk management, engineering and operations) , which helps organizations develop a risk-based cybersecurity program.
Breakfast will be provided. 2 CPEs will be distributed for attendance.